diff options
author | Ed Costello <orthanc@users.noreply.github.com> | 2018-11-15 06:15:24 +1300 |
---|---|---|
committer | Sloane Hertel <shertel@redhat.com> | 2018-11-14 12:15:24 -0500 |
commit | b70d5d9aeecae300f4e8a2626a4b8817375dce53 (patch) | |
tree | 558c8561e891cc37f0d0de14da653c38ae107173 /hacking | |
parent | b759862daa59ca856ada1f813c0601553cd662a9 (diff) | |
download | ansible-b70d5d9aeecae300f4e8a2626a4b8817375dce53.tar.gz |
[AWS] ses rule set module for inbound email processing (#42781)
* Add module ses_rule_set for Amazon SES
* Update behaviours and naming to be consistent with other aws_ses_ modules.
* Add global lock around tests using active rule sets to prevent intermittent test failures.
* Fix deletion of rule sets so that we don't inactivate the active rule set
when force deleting an inactive rule set.
Diffstat (limited to 'hacking')
-rw-r--r-- | hacking/aws_config/testing_policies/compute-policy.json | 9 | ||||
-rw-r--r-- | hacking/aws_config/testing_policies/security-policy.json | 22 |
2 files changed, 30 insertions, 1 deletions
diff --git a/hacking/aws_config/testing_policies/compute-policy.json b/hacking/aws_config/testing_policies/compute-policy.json index 2bab151f13..3a18c17552 100644 --- a/hacking/aws_config/testing_policies/compute-policy.json +++ b/hacking/aws_config/testing_policies/compute-policy.json @@ -234,7 +234,14 @@ "ses:GetIdentityPolicies", "ses:PutIdentityPolicy", "ses:DeleteIdentityPolicy", - "ses:ListIdentityPolicies" + "ses:ListIdentityPolicies", + "ses:SetIdentityFeedbackForwardingEnabled", + "ses:ListReceiptRuleSets", + "ses:DescribeReceiptRuleSet", + "ses:DescribeActiveReceiptRuleSet", + "ses:SetActiveReceiptRuleSet", + "ses:CreateReceiptRuleSet", + "ses:DeleteReceiptRuleSet" ], "Resource": [ "*" diff --git a/hacking/aws_config/testing_policies/security-policy.json b/hacking/aws_config/testing_policies/security-policy.json index 302b60b085..da25b72dc2 100644 --- a/hacking/aws_config/testing_policies/security-policy.json +++ b/hacking/aws_config/testing_policies/security-policy.json @@ -31,6 +31,28 @@ "Action": "waf:*", "Effect": "Allow", "Resource": "*" + }, + { + "Sid": "AllowListingCloudwatchLogs", + "Effect": "Allow", + "Action": [ + "logs:DescribeLogGroups" + ], + "Resource": [ + "arn:aws:logs:{{aws_region}}:{{aws_account}}:log-group:*" + ] + }, + { + "Sid": "AllowModifyingCloudwatchLogs", + "Effect": "Allow", + "Action": [ + "logs:CreateLogGroup", + "logs:PutRetentionPolicy", + "logs:DeleteLogGroup" + ], + "Resource": [ + "arn:aws:logs:{{aws_region}}:{{aws_account}}:log-group:ansible-testing*" + ] } ] } |